Are you considering a new smartphone? If you are, Amazon’s Fire phone might be high on your list. But hold on a minute: there are five privacy reasons why this might not be a good idea…

The Amazon Smartphone is likely to be ubiquitous this Christmas, pushed every time you order gifts on Amazon. It’s likely to end up in the hands of older relatives and kids, too, providing the company with a vast new customer base.

But what else will Amazon get out of it?

There is the very strong possibility that one of the new features introduced on the Fire, Firefly, will enable Amazon to collect an unprecedented volume of data about each device owner. This is bad.

Sadly, it’s not the only privacy and security issue with the Amazon Fire.

One result of this is a lack of the Android store on Google Play (see below) but in its place is the Amazon App Store (which features many high profile apps). Similarly, while there is no Google Now, no Google Maps or Music, there is access to various Amazon services, like Amazon Music and Amazon Maps. Meanwhile, like the Kindle Fire devices, finding books and products to potentially buy using the Fire phone is going to be extremely easy.

The presentation from Jeff Bezos below will explain the device in considerable detail.

All of this might sound quite thrilling, and the successful marriage of a phone to an online store certainly seems intriguing. However, there are problems, security vulnerabilities and privacy issues that you should consider.

The Operating System

The first thing you will see with the Fire phone is the Fire OS 3.5 operating system, based on Android 4.2. Although, there are plans to release a version based on Android 4.4.

This, however, is one of the main problems – you’ll be using a brand new phone sporting an older version of Android. For many, this might not be a major concern, but as each version of Android features security fixes, you would think that having the most up-to-date release of the OS – or a fork of that – would be the best plan.

Updates on the Kindle Fire tablets are usually forced too, which means any security holes in the Fire OS that have been overlooked are applied regardless of whether the user wants the update or not. Will the same procedure for updating be applied on the Fire phone? It seems likely.

Silk Browser

A second problem with the Fire OS is the browser. Silk Browser is based on Chromium, and relies heavily on the Amazon Cloud to decrease load times for the vast majority of websites. This feature alone has raised some eyebrows.

Browsers have long been considered a target for attackers to gain control of computers and other devices. At present the Kindle Fire isn’t widely used enough for hackers to turn their attention to the Silk Browser, but with the introduction of the Amazon Fire phone, the possibility of increased use of Silk could result in vulnerabilities being discovered and manipulated by attackers.

Naturally, Amazon will be expected to deal with these vulnerabilities, but at this stage it is inexperienced in addressing such security threats.

Firefly: Storing YOU In The Cloud

Probably the biggest user privacy concern with the Amazon Fire smartphone is Firefly, a sort of metadata archive that delivers a considerable amount of information about you to Amazon.

Firefly is ostensibly a tool to help Amazon find things you’re interested in, while also acting as a tool for recognizing music (think Shazam, the popular app for telling you the name of the song you can currently hear on the radio), products and TV shows and scanning QR codes and URLs.

What this means is that any and all information collected by the device’s camera, microphone and GPS will be remotely stored, where it can then be used by app developers. We’re talking metadata concerning everything that can be seen in an image, from games and glasses to books and building blocks. The implications of this volume of metadata being available in this way are as yet unclear, but the lock screen button that enables Firefly to launch the camera is itself a particular security risk.

For instance, what might happen if the Firefly tool snapped a URL that used a hack that might crash the phone or prompt it to download malware? Or for a more likely scenario, how would you feel if your Amazon profile was screwed up by people taking photos with your phone of random items you’re not interested in? Another concern has been that users might accidentally buy items, but apparently there are safeguards to prevent this from happening.

We should point out that the Firefly system and the main camera app are kept separate; also, any photos and videos you take will remain private.

Firefly seems to be a huge problem for security advocates, and until Amazon clarifies the issues, this alone is a very good reason to avoid the Fire phone.

Selling With A 3D Illusion: Photographing You, Always

If you thought Firefly was enough of a reason to skip the Fire phone, don’t overlook Dynamic Perspective, a tool that will give you a 3D view of items you’re looking at on the Amazon store.

This is achieved by using the phone’s gyroscope to determine the orientation of the device and four cameras to record where your eyes are. Combining this information will enable the phone to display an object in three dimensions as if you were looking at it in person.

The images of your face are apparently not stored. They would, after all, take up a lot of space on your device, and it is unlikely that Amazon would want to maintain vast archives of its customers’ faces, but it is not beyond the realm of possibility (particularly following what we’ve learned following the Snowden revelations) that a malicious hacker or government agency might hack into your device to view you.

Incidentally, this feature also works in the dark.

Want Google Apps? Go Elsewhere

If you’re still planning on an Amazon Fire phone, the fact that you’re running a device based on Android will probably prompt you to wonder if you can install Google Maps or one of the search giant’s other popular apps.

A Great Smartphone, Or A Security Nightmare?

The Amazon Fire seems like a good idea. Being able to scan barcodes and photograph items while you’re out and about to get instant price comparisons and make a quick Amazon purchase seems like a great idea. Sadly, the information Amazon requires for this system to become a reality is simply too great.

At this stage, whether the device makes calls well or maintains its connection to the Internet is irrelevant. The reviews will come in over the next few months, but how many of these will focus on the security concerns?

Whatever the case, we’re advising that if you care for your online privacy and security, you should avoid buying an Amazon Fire phone.

If you do find yourself owning one, installing a custom ROM based on a more secure version of Android would be the safest option, but you’ll have to wait for one to be released first.

What do you think of Amazon’s new phone? Do you feel the integration with the Amazon ecosystem is too great, or are you nonplussed by the privacy concerns? Share your thoughts in the comments box.

My bar-none favourite tablet is a Fire HDX 8.9. I side loaded the apps I can't live without that aren't in the Amazon app store. It's a little bit lame, but it's far from a deal breaker. I wish I had Google's version of YouTube, but it doesn't bother me enough to root my tablet. Yet.

I prefer to do my browsing with Firefox, which is available directly on Mozilla's web site and has add on compatibility with the desktop version.

Amazon's hardware is unquestionably in the same class as Samsung, Microsoft and Apple. It sells devices with great screens and fast cpus. None of its devices have been duds.

I wouldn't buy an Amazon phone because I don't really want AT&T service, but I don't think I'd hesitate to recommend one for my mom or less technically inclined relatives. In that way, it's in the same space as a Windows phone, which really isn't a bad place to be.

While I'm definitely no fan of the Amazon Kindle Fire Phone, I have to point out that this article appears to be laced with a lot of FUD (fear, uncertainty, and doubt), almost to the point where it feels as if it was sponsored by another competitor or simply a passionate fanboy of another platform.

Let's take a look at the 5 reasons the article describes.

1. Forked OS: Granted that Fire OS 3.0 is based off of Android 4.2, it's still a viable OS which Amazon implements its own set of security features and controls in place. Anyone who says that it has to be 4.4 in order to be secure should be never use another ATM machine again, as most still run Windows XP.

2. Silk Browser. Again, I don't see how using a cloud-based browser is going to be less secure. In fact, it should be more secure, as most pages are stripped, processed, and rebuilt on the server's end, so all the device gets is the content without the bloated code that could contain such possible malware.

3. The Cloud. We all heard and know about the recent attacks on data in the cloud, but EVERY cloud-enabled device is susceptible to attacks and vulnerabilities. Metadata is just as important as the data it accompanies, but lacing hypothetical and absurd "What ifs" isn't making the Fire Phone any less safer than a typical Android or iOS device. Amazon's one-click feature is available on all versions of their Amazon app, as well as the desktop and website.

4. Perspective cameras. If you're concerned about a hacker or government agency peering at your face, again - EVERY smartphone with a front-facing camera is at the same level of risk as the Fire phone.

5. Google Apps. This particular reason aggravated me enough to write a response in the first place. The author recommends sideloading the Google Play Store. But you should be forewarned that ANY Google Play developer can make their application live for the entire ecosystem within minutes, completely untested, where Amazon's App Store goes through testing process before an app can go live. You want a more secure smartphone? Don't turn off the provided security features to sideload unapproved apps, and use Amazon's vetted App Store apps instead.

Let's get real. Companies are into big data. All companies. Even if they say "privacy is our highest concern." If you really think Amazon's Firefly is some trojan horse waiting to be unleashed on an unsuspecting public, you're already way behind, as we've been mined and sold a million times over each, with our social media profiles, forum posts, web histories, media likes, and shopping experiences. For the author of the article to recommend going to a custom ROM or even KitKat 4.4, he might as well be saying, "Ok, don't let Amazon and Google to spy on you, just allow Google to do it" and it's just as absurd. And, they're probably going to install the Amazon app anyway.

"...ANY Google Play developer can make their application live for the entire ecosystem within minutes, completely untested..." Google has been testing apps before allowing them on the Play Store for a year or more now, using Bouncer.

There are security risks with ANY OS...just think of the latest iOS security leak, with celebrity "candid" photos leaked everywhere; not to mention the recent problem with iOS devices "trusting" any PC they were plugged into, allowing anyone to back up the phone/tablet's ENTIRETY to any "trusted" PC, with or without wires.
Android isn't airtight, either, although it's getting better, and the only reason Windows Phone and Blackberry haven't been featured in any security threat reveals is their relatively tiny user base.